Crown agency Cert warns about webcam blackmail scam

A spike has been seen in online blackmail incidents, according to the government's new Computer Emergency Response team (Cert) and Netsafe, the approved agency policing the Harmful Digital Communications Act.

Scammers claim to have video footage of people in compromising positions and they are using it to blackmail them, Cert says.

Here's the official advisory:

Reports received by Cert and Netsafe follow a similar format. A scammer will send a blackmail email to a person. The email claims that when the person visited an unspecified adult website the scammer turned on the person’s webcam and recorded what was happening. The scammer threatens to email the video to all the person’s contacts unless they pay a ransom of around $500.

Cert can't confirm whether the video recordings actually exist or if this is an opportunistic scam.

Netsafe has also seen reports of another version of this scam. A scammer will set up an online profile with an attractive profile picture. This could be on social media or on an online dating site. They connect with a person and encourage them to perform certain acts with the webcam on. They record this activity and use it to blackmail the person. There have been reports of these videos being released on social media.

What to do

Prevention

• For extra security, cover your webcam with removable tape or a webcam cover when you are not using it.
• Be smart about making friends on social media:
• Only accept friend invitations from people you know in real life. This means someone you know personally, or someone you know is a real person, like a celebrity or public figure.
• Remember, if you don't want to be friends with someone, or let them see what you're posting, you can block them.
• Understand your privacy settings
• Get to know the privacy settings for each of your social media accounts – you’ll find them in your account settings. Think about who you want to see your profile, and what kind of information you want them to see.
• Check your settings regularly. They’re often updated so review them from time to time to make sure that nothing’s changed.

Mitigation

Do not pay the ransom. It can be tempting to pay money to make the problem go away. In similar cases overseas, the scammers continue to ask for more money once the first ransom is paid.

Do not contact the scammers. Block them on whichever method of communication they’re using to speak to you.

Consider temporarily deactivating your social media profiles so no one can access your contacts.

If you're affected by this scam, there is a chance you could have malware on your computer system. We recommend taking your computer to an IT specialist to check for malware.

Report the incident to Netsafe. You can do this by:

• filling out an online contact form
• emailing queries@netsafe.org.nz
• calling 0508 NETSAFE (0508 638 723).
• Report an incident to Netsafe via netsafe.org.nz/report

Reporting to Police (which Netsafe can help you with):

Blackmail is a serious criminal offence in New Zealand, punishable by up to 14 years' imprisonment.

Until you decide what you want to do with the incident, don’t delete any information, including the original demand, any other correspondence, social network accounts the scammer has used, and methods of payment.

Digital evidence is fragile and needs to be captured in a timely fashion.  Once deleted or blocked the evidence is generally gone.